The Search for Quantum-Resistant Cryptography: Understanding the Future Landscape

October 14, 2019

The Search for Quantum-Resistant Cryptography: Understanding the Future Landscape

Sectigo Announces a Broad Set of Resources to Educate the Cybersecurity Community About the Implications of Quantum Computing on PKI.

Quantum computing is set to transform the IT industry. This new computing architecture takes advantage of quantum mechanics to deliver capabilities beyond what traditional binary computing can achieve. However, these capabilities come at a cost. Once quantum computers reach a certain state of maturity, they are destined to render the cryptographic underpinnings of today’s digital systems insecure.

To help enterprises prepare for the implications of quantum computing, Sectigo, the world’s largest commercial Certificate Authority (CA) and a provider of purpose-built and automated PKI management solutions, has created a broad set of 15 educational resources for security industry professionals in the form of a whitepaper, podcast episodes and transcriptions, and articles.

By its nature, quantum computing is highly effective at factorizing numbers, which means quantum computers will be many orders of magnitude faster at the calculations necessary to break the RSA and ECC (Elliptic Curve Cryptography) encryption that underpins our digital systems today. This efficiency gain is so monumental that increasing the key sizes of these cryptographic schemes is not a viable solution. Rather, the world’s Public Key Infrastructure (PKI) systems will have to migrate to one or more new, quantum-resistant encryption algorithms before quantum computers break current encryption methods.

PKI is necessary for the secure operation of all the confidential and mission-critical digital processes in our global economy, including finance, commerce, communication, enterprise computing, transportation, defense, manufacturing, healthcare, government, and logistics. The impact of insecure PKI would be so vast that this potential outcome has come to be known as the Quantum Apocalypse.

The Search for Algorithms is Underway

Thought leaders from industry, academia, and government are combining efforts to discover and deploy quantum-resistant cryptographic solutions across our global digital systems. The National Institute for Standards and Technology (NIST) has been leading an effort to identify one or more cryptographic approaches that can substitute for RSA and ECC. The community participating in NIST’s process now has a list of more than 20 candidate algorithms that are undergoing scrutiny of their suitability for this task.

Successful quantum-resistant algorithms must be difficult to break using brute-force attacks by both traditional and quantum architectures while still meeting performance standards similar to today’s algorithms. To be viable for widespread use, the algorithm must deliver on criteria such as:

- Fast encryption using traditional computers- Fast decryption (with private keys) using traditional computers- Impractical to decrypt (without private keys) using quantum or traditional computing architectures- Able to generate encrypted data of a size that is reasonable for storage and transmission across networks and the internet- Compatible with a vast range of software, hardware, and services- Well-understood and checked against potential attacks

Understanding the Challenge – Available Resources

“While no one can definitively say when quantum computers will reach the point of defeating RSA and ECC, many estimates place that date in the next 10 or 15 years. Any organization that does not migrate by then will be vulnerable,” said Tim Callan, Senior Fellow, Sectigo.

“At Sectigo, we are working with our large base of enterprises, schools, and government agencies to help them achieve crypto agility by putting in place the systems and automation capabilities necessary to ensure rapid and comprehensive migration to these new standards once they arrive.”